Thursday, November 3, 2011
SharePoint Security in URL Redirection
Say there is a web called Comms, with a Document Library. The Document Library has a folder called "Variable Accruals Report".
Users have access to this folder: "Variable Accruals Report", but not the web: Comms
So in this URL they get access denied if they try this url "http://local/IZ/Fin/Comms/default.aspx?RootFolder=%2fIZ%2fFin%2fComms%2fLibrary%2fVariable%20Accruals%20Report%2fFY%202010%20Q4%20Variable%20Accruals%20%2d%20Jun%202010%20%2d%20Aug%202010", because of the Comms/default.aspx?RootFolder bit.
As they land on this page, the page checks security and it believes no access.
But this one "http://local/IZ/Fin/Comms/Library/Forms/AllItems.aspx"will take them to the document library and show them the folders.
So the URLS show the same content, but because they get there via different address....